Professional Documents
Culture Documents
SORC
SORC
Global DDoS
Attack Landscape
Report
2022 Global
DDoS Attack
Landscape
Key Findings
01 02
Attacks greater than 100 Gbps
increased by more than 50% year
on year, representing an attack
The number of DDoS attacks in over 100 Gbps every hour on
2022 increased by 273% average. The attack peak
compared to 2021. DDoS threats exceeded 1 Tbps in six months,
have maintained consistent and UDP-based attacks were the
growth over the past four years. most common. About one-third of
terabit attacks were reflective
UDP attacks, while the rest were
mainly non-reflective UDP attacks.
03 04
DDoS attacks against critical
Southeast Asia was the attack infrastructure were on the rise.
hotspot. North America was the Hacking gangsters have the
predominant source of application- ability to exploit critical
layer DDoS attack traffic. Peru was vulnerabilities at any time to
hit hardest by application-layer expand their botnet for DDoS
DDoS attacks. attacks, which poses a great
threat to critical infrastructure.
TABLE OF CONTENTS
1. Global DDoS Attack Trends........................................................................ 2
DDoS Attacks Increased Dramatically..................................................................... 2
High-Volume DDoS Attacks Were on the Rise ........................................................ 2
DDoS Attack Targets Became More Specific and Attacks Were More Persistent
Year over Year ....................................................................................................... 4
Southeast Asia Remained a Hotspot for Cyberattacks............................................ 4
North America Was a Predominant Source of Application-layer DDoS Attack
Traffic..................................................................................................................... 4
Peru Was Hit Hardest by Application-layer DDoS Attacks ...................................... 5
DDoS Attacks Increasingly Targeted Critical Infrastructure .................................... 5
2. Attack Vectors ............................................................................................ 6
UDP-based Attacks Were Favored by Hackers ....................................................... 6
UDP Fragment Flood Stood Out ............................................................................ 7
Cloud9 Malicious Add-on, a New Attack Tool, Emerged for Remote Control ......... 7
Attackers Focused on Remote Login and Web Application Services ...................... 7
The "Quick Spike" Attack Tactic Continued to Take Dominance ............................ 8
3. Botnet Analysis ........................................................................................... 9
Distribution of Botnet Attack Activities .................................................................. 9
Bot Distribution ..................................................................................................... 9
Botnet Command-and-Control Server Analysis ..................................................... 10
Analysis of Botnet Attack Instructions .................................................................. 11
The United States Became the Top Target for Botnet DDoS Attacks ................... 12
4. Defense and Protection Confrontation Cases .......................................... 13
Case 1: Protecting a Customer Against a Multi-Vector Volumetric DDoS Attack .. 13
Case 2: Reflection/Amplification Attack Exploiting CVE-2022-26143 ................... 14
Case 3: Large-Scale UDP Flood DDoS Attacks...................................................... 14
5. Mitigation Challenges and Recommendations ......................................... 17
Challenge 1 .......................................................................................................... 17
Challenge 2 .......................................................................................................... 17
6. About NSFOCUS Cloud DPS .................................................................... 18
PAGE 1
1. Global DDoS Attack Trends
DDoS Attacks Increased Dramatically
The data shows that DDoS attacks in 2022 increased by 273% compared to 2021. Except January, DDoS attacks in each
month of 2022 increased significantly compared to 2021. May, September, and October saw the most DDoS attacks.
PAGE 2
Terabit-level attacks emerged most in
June to July and November to December,
accounting for 94% in 2022.
Trend of high-volume DDoS attack traffic over 100 Gbps by month in 2022
PAGE 3
DDoS Attack Targets Became More Specific and Attacks Were
More Persistent Year over Year
PAGE 4
Peru Was Hit Hardest by Application-layer DDoS Attacks
DDoS attackers attempt to exhaust the available resources of target networks, applications, or services, causing damage
to critical infrastructure that plays a vital role in business continuity. Their high downtime costs mean that the ransom is
more likely to be paid.
In recent years, DDoS botnets continue to exploit vulnerabilities to expand their reach. In 2022, the number of
vulnerabilities exploited by botnets in the wild reached 135. New vulnerabilities are integrated within a few hours after
disclosure. As a result, vulnerable hosts can be rapidly controlled and implanted with trojans before their vulnerabilities
are fixed.
Mirai, as one of the most active botnets, was observed to carry 77 medium and high-risk vulnerabilities in 2022, such as
Apache Log4j RCE vulnerability (CVE-2021-44228), F5 BIG-IP unauthorized RCE vulnerability (CVE-2022-1388), and
Spring4Shell RCE vulnerability (CVE-2022-22965). Initially compromising devices by exploiting weak passwords, Mirai
now evolves its tactics to exploit vulnerabilities for expanding its botnet. Mirai seeks every opportunity to infect more
hosts to expand the control range.
We can conclude that hacking groups have the ability to employ critical vulnerabilities at any time to expand their
botnet to large numbers of hosts for DDoS attacks, which poses a great threat to critical infrastructure.
PAGE 5
2. Attack Vectors
UDP-based Attacks Were Favored by Hackers
Distribution of vectors for DDoS attacks larger than 100 Gbps in 2022
PAGE 6
UDP Fragment Flood Stood Out
In 2022, UDP flood attacks, SYN flood attacks, and UDP fragment flood attacks were top 3 network-layer DDoS attacks.
Compared to 2021, UDP flood attacks increased by 8.01%, and SYN flood attacks decreased by 15.08%. It is noteworthy
that UDP fragment flood attacks increased significantly. During a UDP fragment DDoS attack, attackers transmit forged
UDP packets which seem larger than the maximum transmission unit, but only part of which are sent actually. These
fragments cannot be reassembled by the server. When large numbers of fragments hit the targeted server, server
resources are sapped, ultimately making the server inaccessible.
Distribution of attack vectors for network-layer DDoS attacks in 2021 and 2022
Cloud9 consists of three JavaScript files for collecting system information, mining cryptocurrencies, performing DDoS
attacks, and injecting scripts that run browser exploits. The malware can use hosts to perform application-layer DDoS
attacks via HTTP POST requests to the target region.
As the pandemic in 2022 made working from home a new normal, the remote login service via TCP port 23 and file
transfer service via FTP port 21 became the most frequent targets of DDoS attacks. In addition, websites with high
security requirements, like online banking, shopping, and finance websites, generally adopt the HTTPS service. If such
websites come under DDoS attacks, huge economic loss will be incurred.
PAGE 7
Number of attack events on affected ports in 2022
PAGE 8
3. Botnet Analysis
Distribution of Botnet Attack Activities
Bot Distribution
PAGE 9
Botnet Command-and-Control Server Analysis
Cloud server vendors and Telcos affected with most C& C servers
PAGE 10
Analysis of Botnet Attack Instructions
Mirai launched nearly half of the DDoS attacks and reached the peak in July and August. The total number of attack
instructions of XorDDoS exceeded that of the traditional family Gafgyt. XorDDoS contributed to nearly 40% attack
activities in 2022.
PAGE 11
The United States Became the Top Target for Botnet DDoS
Attacks
Botnet attacks generally aim for economic benefits, and the level of activity is closely related to the economic level in
the region. As the world's largest economy, the United States becomes the most frequent target of botnet attacks. In
2022, the most active Mirai botnet and well-known botnets like Gafgyt and XorDDoS all targeted the United States most.
China and Germany also suffered a large number of DDoS attacks launched by Mirai.
PAGE 12
4. Defense and Protection Confrontation Cases
Case 1: Protecting a Customer Against a Multi-Vector
Volumetric DDoS Attack
On December 2, 2022, a customer was under a high-volume DDoS attack, which was a UDP flood attack and whose
attack peak reached 1.45 Tbps. In the following week, more than 9 attack methods were employed and more than 40
attacks were launched against the customer. A majority of attacks used large UDP packets, and the rest mainly used
large ACK packets and PSHACK packets. 70% of attacks exceeded 100 Gbps, and nearly 50% of attacks were greater
than 500 Gbps.
The analysis of the attack source shows that one variant of Mirai participated in the attack and the two C&C IP addresses
captured were 157.XXX.102.XXX (located in Bangalore, India) and 138.XXX.65.XXX (located in Frankfurt, Germany)
respectively. Attackers used more than 40,000 bots worldwide to launch the attack.
PAGE 13
Case 2: Reflection/Amplification Attack Exploiting CVE-2022-
26143
In early March 2022, a customer in Latin
America experienced a UDP flood attack
whose attack traffic peaked at 66.9 Gbps.
The attack used a fixed source port 10074.
The in-depth analysis shows that it was a
reflection and amplification attack launched
by hackers exploiting the TP-240 driver
vulnerability
(CVE-2022-26143).
When the customer was attacked, NSFOCUS’s security team rapidly offered emergency response by communicating
with the customer and conducting packet capture and analysis. The attacked IP address was found to provide an online
gaming service via UDP ports 27030 and 27055. The attacker sent a single query request to the server from a random
source with a complete protocol stack. The requests from these random sources had the same payload and the
messages were normal.
For the UDP flood attack on July 15, the mitigation efficiency was 98.87%.
PAGE 14
For the UDP flood attack on October 5, the mitigation efficiency was 98.88%.
For the UDP flood attack on October 27, the mitigation efficiency was 98.8%.
It was a small UDP packet attack in which the attacker used a random source. If the traditional rate limit was adopted,
the customer’s legitimate business traffic would be affected. After a closer look, NSFOCUS found more detailed attack
PAGE 15
signatures to block the attack source, without affecting the availability of customer business. A further analysis shows
that the TTL of all UDP attack packets was 251, whereas the default TTL of Windows or MacOS operating systems is 128
or 64. NSFOCUS concluded that the attack packet was crafted by an attack tool. Based on these attack signatures,
NSFOCUS immediately adjusted the protection policy for the customer, achieving a high filtering ratio across the attack
lifecycle and effectively ensuring normal business operations.
PAGE 16
5. Mitigation Challenges and Recommendations
Challenge 1
The terabit-level DDoS attack has become a real threat. It impairs attacked services and congests networks of operators,
further affecting other services of the equipment room.
Recommendation
As construction of an equipment room with super-large bandwidth will lead to a higher cost and lower bandwidth
utilization for organizations, they should turn to cloud computing vendors with massive protection bandwidth to defend
against terabit-level DDoS attacks, or leverage the cloud vendor's end-to-end integrated protection capabilities to
protect against attacks.
Challenge 2
Hacking groups constantly evolve. Their attack capabilities are changing and improving every day, and attack methods
are unpredictable. As ordinary organizations have limited security protection staff and resources, it is hard for them to
learn about the latest attack situation and defend against attacks. They stay in a passive position when confronting with
highly skilled hacker groups.
Recommendation
With professional security protection experts and massive attack and defense scenarios of customers, cloud computing
vendors should invest more in security protection to track the latest attack and defense situation and constantly iterate
protection strategies, offering comprehensive security capabilities to protect customers against threats.
PAGE 17
6. About NSFOCUS Cloud DPS
NSFOCUS’s Anti-DDoS devices have the largest market share in China and an industry-leading position in the
international market.
These Anti-DDoS devices are augmented by NSFOCUS’s unique threat intelligence from sources in China and outside.
NSFOCUS has established eight global cloud scrubbing centers, covering regions that are targeted by most DDoS
attacks, such as Asia Pacific, North America, Latin America, and Europe.
By using the Anycast technology, NSFOCUS is capable of combining near-source traffic scrubbing with service nodes
across the globe. The terabit-class scrubbing capacity provides customers with unlimited protection. NSFOCUS also has
a global backbone service network that provides support for customers through the nearest service node with the
lowest latency and maximum stability.
NSFOCUS Cloud DPS Service provides 24/7 service in multiple languages to assist customers with security management
and emergency response against attacks.
PAGE 18
www.nsfocusglobal.com
Prof. Elifas Fernandes Gorgonho Farias
Data:
DSM - NOITE Aluno(s): Visto do(s) aluno(s):
SORC - 2023/1 Pontuação:
A2 - LAB SORC
01/06/2023
RUBRICA DE AVALIAÇÃO - A2 - LAB SORC
Conectividade Nível IIS - Sites Nível APACHE - Sites Nível Desafio - Backups das configurações Nível GRUPO Nível
Ambos os servidores realizam seus
Os três servidores se comunicam É possível acessar os três sites a partir do É possível acessar os três sites a partir do backups através de scripts e Todos do grupo participaram da
via PING 2 cliente Windows 7 2 cliente Windows 7 2 agendador/crontab 3 avaliação 1
Dois dos três servidores se É possível acessar dois sites a partir do É possível acessar dois sites a partir do Um dos servidores realiza seus backups
comunicam via PING 1 cliente Windows 7 1 cliente Windows 7 1 através de scripts e agendador/crontab 1,5 Parte do grupo participou da avaliação 0
Os servidores não se comunicam É possível acessar um site a partir do É possível acessar um site a partir do cliente Nenhum dos servidores realiza seu
via PING 0 cliente Windows 7 0,5 Windows 7 0,5 Backup 0,5
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Objetivo:
Configurar três(03) sites no APACHE (Em Linux)
• www.sorc.com
• www.cotia.com
• www.suaempresa2.com (escolha o nome e endereço que quiser para o site /
cuidado para não repetir o nome escolhido no IIS)
• Cliente Windows 7
• Servidor Linux
Windows 7: Cliente
Usuário → Administrador
Senha → Fatec@20223
Passo 1:
Colocar as duas máquinas virtuais na mesma rede (LEMBRTE: Você já colocou o Windows 7
na mesma rede do Windows Server, insira o Linux na mesma rede)
(Passo já apresentado nas tarefas do IIS / Inserir na mesma rede utilizada no IIS)
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Ao logar no Linux, abrir o terminal: botão direito na área de trabalho / abrir terminal
Configuração do IP no Linux
O campo HWADDR (mac address) deverá corresponder ao mac address gerado pelo VMWARE
Por enquanto, deixem o firewall desativado com o comando service iptables stop
/etc/selinux/config
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Possíveis problemas:
Passo 2:
Passo 3:
Criar a estrutura básica das patas para os sites
Exemplo:
<HTML>
</HTML>
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Passo 4:
Iniciar configuração dos sites (Nesse exemplo trabalharei com o site
www.suaempresa2.com)
Ir até a pasta do APACHE aonde fica seu principal arquivo de configuração, o HTTPD.CONF
/etc/httpd/conf
Passo 5:
Ajustar a resolução de nome
Acessar o Windows 7
Objetivo:
Configurar três(03) sites no Microsoft IIS
• www.fatec.com
• www.dsm.com
• www.suaempresa.com (escolha o nome e endereço que quiser para o site)
• Cliente Windows 7
• Servidor Windows
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Windows 7: Cliente
Usuário → Administrador
Senha → Fatec@2023
Passo 1:
Colocar as duas máquinas virtuais na mesma rede
Ou
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Possíveis problemas:
Passo 2:
Adicionar o IIS no Windows Server
Passo 3:
Criar a estrutura básica das patas para os sites
Exemplo:
<HTML>
Página TESTE IIS
</HTML>
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Passo 4:
Iniciar configuração dos sites (Nesse exemplo trabalharei com o site www.testeiis.com)
Abrir o IIS
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Criar um local para os LOGS desse site (dentro da pasta do site, EX:
C:\SITES\www.testeiis.com\logs) e ajustar nas configurações do site
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Passo 5:
Ajustar a resolução de nome
Acessar o Windows 7
Como ainda não temos servidor de DNS nesta estrutura, iremos ajustar no arquivo hosts
(c:\windows\system32\drivers\etc\hosts)
Objetivos
• Manipulação de LOGS
• Ajuste de página padrão
• Restrição por IP (Intranet x Extranet)
• Backup e restore
Na aula anterior, ajustamos no IIS para que cada site grave seus logs em uma pasta
específica (Exemplo: c:\sites\www.testeiis.com\logs)
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Podemos ajustar a periodicidade do rotacionamento desse log, por padrão ele vem
com a opção “diariamente” marcada, costumo utilizar a mesma configuração, mas isso
pode ser alterado de acordo com suas necessidades
Para simularmos o uso do LOG, realize alguns acessos utilizando os navegadores IE e FIREFOX
na máquina virtual Windows 7 cliente
Opção padrão
Personalizado
• www.fatec.com → fatec.html
• www.dsm.com → dsm.html
• www.suaempresa.com → suaempresa.html
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
Primeiro você define se o padrão é permitir ou bloquear o acesso, para depois configurar as
exceções
Considerando o padrão acima (acesso permitido), abaixo vamos criar uma regra de bloqueio,
essa regra poderá ser ou IP específico ou rede, utilizando sua máscara
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
o Restautar um Backup
▪ c:\windows\system32\inetsrv\appcmd.exe restore backup “BKP1”
▪ Nesse exemplo, irei deletar alguma configuração do IIS e realizar o
restore
▪ Deletando as configurações do site www.testeiis.com
Realizando o restore
DSM – SISTEMAS OPERACIONAIS E REDES DE COMPUTADORES
LABORATÓRIO SORC 2023/1 – PROF. ELIFAS
o Deletar um Backup
▪ c:\windows\system32\inetsrv\appcmd.exe delete backup “BKP1”
Caso precise por algum motivo deletar um backup do IIS, o comando realiza essa função
Professor
Elifas
Oriundo da área de TI (Sistemas de Informação / Segurança
/ Redes de Computadores)
Atuação na área de TI: 2000 – 2020*
21 faltas = Reprovado
Alunos fora da lista = Devem reguralizar sua
situação na secretaria da FATEC. A regularização é
responsabilidade do aluno
CHAMADA ONLINE!!!
Representante da sala
Responsável por encaminhar as mensagens para a turma
Enviar os dados de contato (e-mail e WhatsApp)
Contato via WhatsApp somente com o representante da
turma
APRESENTAÇÃO DA DISCIPLINA
Método de avaliação
Padrão FATEC COTIA
(A1 + P1 + A2 + P2*2)/5
A1 – Seminário
A2 – LAB SORC
P1 – Prova 1º período
Comandos no Linux
Firewall
Servidor de arquivos
Scripts
APRESENTAÇÃO DA DISCIPLINA
Laboratório SORC – 2023/1
Ambiente virtualizado
Servidor Windows
Cliente Windows
Servidor Linux
APRESENTAÇÃO DA DISCIPLINA
Laboratório SORC – 2023/1
Ambiente virtualizado
APRESENTAÇÃO DA DISCIPLINA
Laboratório SORC – 2023/1
Utilização de VMWARE no LAB
Utilizar as máquinas da pasta
Não deletar
Podemos começar?
SORC
Nós vamos
programar! SO e
Redes não são
problemas
nossos!
Nós vamos
programar! SO e
Redes não são
problemas
nossos!
Nós vamos
programar! SO e
Redes não são
problemas
nossos!
Nós vamos
programar! SO e
Redes não são
problemas
nossos!
Assuntos P1
LAB SORC (tarefas realizadas até o momento)
Sistemas Operacionais
Servidores Web
REVISÃO PARA P1
SISTEMAS OPERACIONAIS
Andrew Stuart Tanenbaum.
O que é?
Pra que serve?
Sistema E/S (I/O)
Entrada / Processamento / Saída
Arquitetura
Exemplos de SO
Servidores
Conectividade
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
SOL
SOR
Transparente para o usuário
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Como funciona?
Processamento dividido entre cliente e servidor
Módulo redirecionador
SORC
Cliente
SORS
Servidor
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Arquitetura
Peer-to-Peer
Pontos positivos:
Segurança
Alta disponibilidade
Recursos distribuídos
Pontos negativos
Desempenho
Ataques de DDOS
“Man in the Middle”
Worms
Contaminação de arquivos
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Arquitetura
Cliente-Servidor
Servidor dedicado
Peer-to-peer
Servidor não
dedicado
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Modelo OSI
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Modelo OSI
7 Aplicação
Interface com aplicativos
HTTP, FTP
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Modelo OSI
6 Apresentação
Compressão
MPEG, JPEG
Criptografia
SSL
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Modelo OSI
5 Sessão
Controle se sessão entre os aplicativos
SSH
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Modelo OSI
4 Transporte
Conexão entre os hosts
Portas
TCP, UDP
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Modelo OSI
3 Rede
Endereço lógico
IP, ICMP
Roteadores
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Modelo OSI
2 Enlace de dados
Endereço físico
Switch
Ethernet
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Modelo OSI
1 física
Hardware
Meios de transmissão
Cabos de rede
REVISÃO PARA P1
SISTEMAS OPERACIONAIS DE REDE
Modelo OSI
REVISÃO PARA P1
SERVIDORES WEB
Mercado
Um profissional da área de sistemas precisa conhecer um
servidor Web?
Sim, hoje em dia é muito comum que as empresas
possuam website
Sim, as aplicações Web cada vez crescem mais devido ao
seu conceito multiplataforma
Sim, com isso existem inúmeras oportunidades de
trabalho
E o principal?
Página dinâmica
REVISÃO PARA P1
SERVIDORES WEB
Protocolos
HTTP
HTTPS
FTP
REVISÃO PARA P1
SERVIDORES WEB
Protocolos
HTTP
Camada 7(Aplicação)
REVISÃO PARA P1
SERVIDORES WEB
Protocolos
HTTPS/SSL / Camada 6(Apresentação)
SSL
REVISÃO PARA P1
SERVIDORES WEB
Página estática
HTML puro
Sem processamento no servidor
REVISÃO PARA P1
SERVIDORES WEB
Página dinâmica
‘engine’
Processamento no servidor
REVISÃO PARA P1
SERVIDORES WEB
Apache
Fundação Apache
Origem: NCSA
1ª versão: 1995
Código aberto
Solução livre
Módulos
Só funciona no Linux?
NÃO!!!
Windows
Mac
Outros
REVISÃO PARA P1
SERVIDORES WEB
NGINX
1ª versão: 2005
Acumula várias funções
Servidor Web
Proxy
Proxy reverso
Balanceador
Kernel
User mode
Solução paga
App pool
JAN/2022
• NGINX: 32%
• APACHE: 29%
• IIS: 4%
http://news.netcraft.com/archives/category/web-server-survey/
REVISÃO PARA P1
SERVIDORES WEB
Qual tecnologia é mais utilizada?
Adobe APACHE
Apple APACHE
CNN APACHE
Facebook APACHE
Globo APACHE
Mercado Livre APACHE
Microsoft IIS
MSN IIS
Terra APACHE
Wikipedia APACHE
Youtube APACHE
REVISÃO PARA P1
SERVIDORES WEB
E as vulnerabilidades?
Fonte: http://br.zone-h.org/archive/special=1
REVISÃO PARA P1
SERVIDORES WEB
Qual tecnologia é a melhor?
Quem configurou?
Qual a preocupação com a segurança?
Qual a topologia?